From 25ac5f06c14c742027aaae0567fb47be02f04ece Mon Sep 17 00:00:00 2001
From: skr <skr@schubert.tech>
Date: Wed, 4 Dec 2019 07:22:55 +0100
Subject: [PATCH] GUACAMOLE-784: Tolerate port number within X-Forwarded-For
 header
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Currently the Regex pares only Header with IPs only.
But some Cloud Services provide Header with “IP:Port” and they are not changeable.

A change in the Line 96 and 101 could may solve this topic.

BG
Sporeno

GUACAMOLE-784: Changed Quantifiers of Port extension in the IP-Regexs

GUACAMOLE-784: Changed IP-Regexs to accept also Ports with 5 Digits (Fix)

GUACAMOLE-784: Separated Port-Regex from IP-Regexes to avoid duplicated Code for IPv4 and IPv6

Created new Constant for Port matching Regex

GUACAMOLE-784: Change Comments according standard formatting for JavaDoc comments
GUACAMOLE-784: Tolerate port number within X-Forwarded-For header

Currently the Regex pares only Header with IPs only.
But some Cloud Services provide Header with “IP:Port” and they are not changeable.

A change in the Line 96 and 101 could may solve this topic.

BG
Sporeno

GUACAMOLE-784: Changed Quantifiers of Port extension in the IP-Regexs

GUACAMOLE-784: Tolerate port number within X-Forwarded-For header
---
 .../apache/guacamole/rest/auth/AuthenticationService.java  | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/guacamole/src/main/java/org/apache/guacamole/rest/auth/AuthenticationService.java b/guacamole/src/main/java/org/apache/guacamole/rest/auth/AuthenticationService.java
index 7f388572a..0f4fef83c 100644
--- a/guacamole/src/main/java/org/apache/guacamole/rest/auth/AuthenticationService.java
+++ b/guacamole/src/main/java/org/apache/guacamole/rest/auth/AuthenticationService.java
@@ -105,11 +105,16 @@ public class AuthenticationService {
      */
     private static final String IP_ADDRESS_REGEX = "(" + IPV4_ADDRESS_REGEX + "|" + IPV6_ADDRESS_REGEX + ")";
 
+    /**
+     * Regular expression which matches any Port Number.
+     */
+    private static final String PORT_NUMBER_REGEX = "(:[0-9]{1,5})?";
+    
     /**
      * Pattern which matches valid values of the de-facto standard
      * "X-Forwarded-For" header.
      */
-    private static final Pattern X_FORWARDED_FOR = Pattern.compile("^" + IP_ADDRESS_REGEX + "(, " + IP_ADDRESS_REGEX + ")*$");
+    private static final Pattern X_FORWARDED_FOR = Pattern.compile("^" + IP_ADDRESS_REGEX + PORT_NUMBER_REGEX + "(, " + IP_ADDRESS_REGEX + PORT_NUMBER_REGEX + ")*$");
 
     /**
      * Returns a formatted string containing an IP address, or list of IP